﻿using System;
using System.Collections;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.Text;
using System.Configuration;
using System.Data;
using System.Data.SqlClient;
using System.Data.Sql;
using System.IO;
using System.Net.Mime;


namespace CM_Classes
{
    public class User
    {

        User user = new User();

        private int empID;
        public int EmpID
        {
            get { return empID; }
            set { empID = value; }
        }

        private string firstName;
        public string FirstName
        {
            get { return firstName; }
            set { firstName = value; }
        }

        private string lastName;
        public string LastName
        {
            get { return lastName; }
            set { lastName = value; }
        }

        private string userName;
        public string UserName
        {
            get { return userName; }
            set { userName = value; }
        }

        private string password;
        public string Password
        {
            get { return password; }
            set { password = value; }
        }

        private byte ? photoID;
        public byte ? PhotoID
        {
            get { return photoID; }
            set { photoID = value; }
        }

        private bool userDisabled;
        public bool UserDisabled
        {                      
            get { return userDisabled; }
            set { userDisabled = value; }
        }

        private int groupID;
        public int GroupID
        {
            get { return groupID; }
            set { groupID = value; }
        }



        public List<User> GetUsers()
        {
            string results = "";
            string getUsers = string.Empty;
            string connectionString = @"Data Source=t-sql;Initial Catalog=ConfigurationManager;Integrated Security=True";
            List<User> User = new List<User>();

            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                try
                {
                    conn.Open();
                    var addUserSP = "GetUsers";
                    using (SqlCommand getUsersCommand = new SqlCommand(addUserSP, conn))
                    {
                        getUsersCommand.CommandType = CommandType.StoredProcedure;
                        getUsersCommand.Parameters.AddWithValue("@EmpID", this.EmpID);
                        getUsersCommand.Parameters.AddWithValue("@FirstName", this.FirstName);
                        getUsersCommand.Parameters.AddWithValue("@LastName", this.LastName);
                        getUsersCommand.Parameters.AddWithValue("@UserName", this.UserName);
                        getUsersCommand.Parameters.AddWithValue("@Password", this.Password);
                        getUsersCommand.Parameters.AddWithValue("@UserDisabled", this.UserDisabled);

                        int x = getUsersCommand.ExecuteNonQuery();

                        //LogTransaction(int empID, string appmsg, string exceptmsg, string severity)

                    }
                }
                catch (SqlException sqlEx)
                {
                    results = sqlEx.Message;
                }
                catch (Exception ex)
                {
                    results = ex.Message;
                }
                return User;
            }

        }

        public string AddUser()
        {
            string imgLocation = "";
            string results = "";
            string addUser = string.Empty;
            string connectionString = @"Data Source=t-sql;Initial Catalog=ConfigurationManager;Integrated Security=True";

            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                try
                {
                    conn.Open();
                    var addUserSP = "AddUser";
                    using (SqlCommand addUserCommand = new SqlCommand(addUserSP, conn))
                    {
                        addUserCommand.CommandType = CommandType.StoredProcedure;
                        addUserCommand.Parameters.AddWithValue("@EmpID", this.EmpID);
                        addUserCommand.Parameters.AddWithValue("@FirstName", this.FirstName);
                        addUserCommand.Parameters.AddWithValue("@LastName", this.LastName);
                        addUserCommand.Parameters.AddWithValue("@UserName", this.UserName);
                        addUserCommand.Parameters.AddWithValue("@Password", this.Password);
                        addUserCommand.Parameters.AddWithValue("@UserDisabled", this.UserDisabled);

                        if (PhotoID != null) //not sure about the object img; should be PhotoID?
                        {
                            byte[] img = null;
                            FileStream fs = new FileStream(imgLocation, FileMode.Open, FileAccess.Read);
                            BinaryReader br = new BinaryReader(fs);
                            img = br.ReadBytes((int)fs.Length);
                            addUserCommand.Parameters.Add(new SqlParameter("@PhotoID", this.PhotoID));
                        }
                        else
                        {
                            PhotoID = null;
                        }

                        int x = addUserCommand.ExecuteNonQuery();

                        //LogTransaction(int empID, string appmsg, string exceptmsg, string severity)

                        results = FirstName + " " + LastName + " has been added.";
                    }
                }
                catch (SqlException sqlEx)
                {
                    results = sqlEx.Message;
                }
                catch (Exception ex)
                {
                    results = ex.Message;
                }
            }

            return results;
        }

        public List<User> FindUser()
        {
            string imgLocation = "";
            string results = "";
            User user = new User();
            string findUser = string.Empty;
            string connectionString = @"Data Source=t-sql;Initial Catalog=ConfigurationManager;Integrated Security=True";
            List<User> User = new List<User>();

            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                try
                {
                    conn.Open();
                    var addUserSP = "FindUserByID";
                    using (SqlCommand findUserCommand = new SqlCommand(addUserSP, conn))
                    {
                        findUserCommand.CommandType = CommandType.StoredProcedure;
                        findUserCommand.Parameters.AddWithValue("@EmpID", this.EmpID);

                        SqlDataReader reader = findUserCommand.ExecuteReader();
                        reader.Read();
                        if (reader.HasRows)
                        {
                            user.FirstName = reader[0].ToString();
                            user.LastName = reader[1].ToString();
                            user.UserName = reader[2].ToString();
                            user.Password = reader[3].ToString();
                            byte[] PhotoID = (byte[])(reader[4]);
                            user.UserDisabled = Convert.ToBoolean(reader[5].ToString());

                            if (PhotoID == null)
                                user.PhotoID = null;
                            else
                            {
                                Memorystream ms = new Memorystream(PhotoID); //??????
                                user.PhotoID = Image.FromStream(ms);  //???????
                            }

                        }
                        else
                        {
                            results = "Employee not found.";
                        }

                        //LogTransaction(int empID, string appmsg, string exceptmsg, string severity)

                    }
                }
                catch (SqlException sqlEx)
                {
                    results = sqlEx.Message;
                }
                catch (Exception ex)
                {
                    results = ex.Message;
                }
            }

            return User;
        }


        public string UpdateUser()
        {
            string imgLocation = "";
            string results = "";
            string updateUser = string.Empty;
            string connectionString = @"Data Source=t-sql;Initial Catalog=ConfigurationManager;Integrated Security=True";
            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                try
                {
                    conn.Open();
                    var addUserSP = "UpdateUser";
                    using (SqlCommand updateUserCommand = new SqlCommand(addUserSP, conn))
                    {
                        updateUserCommand.CommandType = CommandType.StoredProcedure;
                        updateUserCommand.Parameters.AddWithValue("@EmpID", this.EmpID);
                        updateUserCommand.Parameters.AddWithValue("@FirstName", this.FirstName);
                        updateUserCommand.Parameters.AddWithValue("@LastName", this.LastName);
                        updateUserCommand.Parameters.AddWithValue("@UserName", this.UserName);
                        updateUserCommand.Parameters.AddWithValue("@Password", this.Password);
                        updateUserCommand.Parameters.AddWithValue("@UserDisabled", this.UserDisabled);

                        if (PhotoID != null) //not sure about the object img; should be PhotoID?
                        {
                            byte[] img = null;
                            FileStream fs = new FileStream(imgLocation, FileMode.Open, FileAccess.Read);
                            BinaryReader br = new BinaryReader(fs);
                            img = br.ReadBytes((int)fs.Length);
                            updateUserCommand.Parameters.Add(new SqlParameter("@PhotoID", this.PhotoID));
                        }
                        else
                        {
                            PhotoID = null;
                        }
                        int x = updateUserCommand.ExecuteNonQuery();

                        //LogTransaction(int empID, string appmsg, string exceptmsg, string severity)

                        results = FirstName + " " + LastName + " has been updated.";
                    }
                }
                catch (SqlException sqlEx)
                {
                    results = sqlEx.Message;
                }
                catch (Exception ex)
                {
                    results = ex.Message;
                }
            }

            return results;

        }

        public string DeleteUser()
        {
            string imgLocation = "";
            string results = "";
            string addUser = string.Empty;
            string connectionString = @"Data Source=t-sql;Initial Catalog=ConfigurationManager;Integrated Security=True";

            using (SqlConnection conn = new SqlConnection(connectionString))
            {
                try
                {
                    conn.Open();
                    var addUserSP = "DeleteUser";
                    using (SqlCommand deleteUserCommand = new SqlCommand(addUserSP, conn))
                    {
                        deleteUserCommand.CommandType = CommandType.StoredProcedure;
                        deleteUserCommand.Parameters.AddWithValue("@EmpID", this.EmpID);
                        deleteUserCommand.Parameters.AddWithValue("@FirstName", this.FirstName);
                        deleteUserCommand.Parameters.AddWithValue("@LastName", this.LastName);
                        deleteUserCommand.Parameters.AddWithValue("@UserName", this.UserName);
                        deleteUserCommand.Parameters.AddWithValue("@Password", this.Password);
                        deleteUserCommand.Parameters.AddWithValue("@UserDisabled", this.UserDisabled);

                        byte[] img = null;
                        FileStream fs = new FileStream(imgLocation, FileMode.Open, FileAccess.Read);
                        BinaryReader br = new BinaryReader(fs);
                        img = br.ReadBytes((int)fs.Length);
                        deleteUserCommand.Parameters.Remove(new SqlParameter("@PhotoID", this.PhotoID));    // .Remove ???
                        int x = deleteUserCommand.ExecuteNonQuery();

                        //LogTransaction(int empID, string appmsg, string exceptmsg, string severity)

                        results = FirstName + " " + LastName + " has been deleted.";
                    }
                }
                catch (SqlException sqlEx)
                {
                    results = sqlEx.Message;
                }
                catch (Exception ex)
                {
                    results = ex.Message;
                }
            }

            return results;
        }

    }
}


    
    

